From 9c556987f5cd1987b700bd677d8f77b0d56f416b Mon Sep 17 00:00:00 2001 From: Mayank Gandhe Date: Sun, 2 Jul 2023 21:57:03 +0530 Subject: [PATCH 1/4] fixed ipv6 log issue --- proxy.go | 27 +++++++++++++++++++-------- 1 file changed, 19 insertions(+), 8 deletions(-) diff --git a/proxy.go b/proxy.go index e008c50..8259edf 100644 --- a/proxy.go +++ b/proxy.go @@ -9,12 +9,6 @@ import ( "encoding/json" "errors" "fmt" - "github.com/google/uuid" - "github.com/lestrrat-go/jwx/jwa" - "github.com/lestrrat-go/jwx/jws" - "github.com/lestrrat-go/jwx/jwt" - "github.com/rs/zerolog" - "golang.org/x/net/idna" "io" "io/ioutil" "net/http" @@ -23,6 +17,13 @@ import ( "time" unicode "unicode" + "github.com/google/uuid" + "github.com/lestrrat-go/jwx/jwa" + "github.com/lestrrat-go/jwx/jws" + "github.com/lestrrat-go/jwx/jwt" + "github.com/rs/zerolog" + "golang.org/x/net/idna" + "github.com/rs/zerolog/log" ) @@ -525,8 +526,18 @@ const colon = ":" func parseHost(request *http.Request) string { //ignore conversion errors - al := strings.Split(request.Host, colon)[0] - al2, _ := idna.ToASCII(al) + al := strings.Split(request.Host, colon) + // ipv6 + if len(al) == 8 { + ipv6, _ := idna.ToASCII(request.Host) + return ipv6 + } + // ipv6 with port + if len(al) == 9 { + ipv6Port, _ := idna.ToASCII(strings.Join(al[0:8], ":")) + return ipv6Port + } + al2, _ := idna.ToASCII(al[0]) return al2 } From 2bf56b4fc87d752ffa666a846111918099f97b6d Mon Sep 17 00:00:00 2001 From: Mayank Gandhe Date: Mon, 3 Jul 2023 15:58:27 +0530 Subject: [PATCH 2/4] validating ip using net package --- proxy.go | 26 ++++++++++++++++++-------- 1 file changed, 18 insertions(+), 8 deletions(-) diff --git a/proxy.go b/proxy.go index 8259edf..28f1663 100644 --- a/proxy.go +++ b/proxy.go @@ -11,6 +11,7 @@ import ( "fmt" "io" "io/ioutil" + "net" "net/http" "strconv" "strings" @@ -524,18 +525,27 @@ func infoOrDebugEv(proxy *Proxy) *zerolog.Event { const colon = ":" +func isIPv6(address string) bool { + ip := net.ParseIP(address) + return ip != nil && ip.To4() == nil +} func parseHost(request *http.Request) string { //ignore conversion errors - al := strings.Split(request.Host, colon) - // ipv6 - if len(al) == 8 { - ipv6, _ := idna.ToASCII(request.Host) - return ipv6 + if isIPv6(request.Host) { + return request.Host } - // ipv6 with port + al := strings.Split(request.Host, colon) + fmt.Println("Number of colons", len(al)) if len(al) == 9 { - ipv6Port, _ := idna.ToASCII(strings.Join(al[0:8], ":")) - return ipv6Port + host := strings.Join(al[:8], ":") + fmt.Println("Host - ", host) + if isIPv6(host) { + return host + } + return request.Host + } + if len(al) > 2 { + return request.Host } al2, _ := idna.ToASCII(al[0]) return al2 From c7dbad6c7c23daadd206cd1484d1421e96e07e81 Mon Sep 17 00:00:00 2001 From: "simon.mittag" Date: Sat, 15 Jul 2023 13:13:17 +1000 Subject: [PATCH 3/4] added test cases to check for ipv4, ipv6 hosts, with and without ports --- proxy_test.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/proxy_test.go b/proxy_test.go index 6f9b543..26cb67d 100644 --- a/proxy_test.go +++ b/proxy_test.go @@ -471,6 +471,11 @@ func TestParseHost(t *testing.T) { host string }{ {name: "simple", url: "http://host/path", host: "host"}, + {name: "simple ipv4", url: "http://127.0.0.1/path", host: "127.0.0.1"}, + {name: "ipv4 with port", url: "http://127.0.0.1:8080/path", host: "127.0.0.1"}, + {name: "simple ipv6", url: "http://::1/path", host: "::1"}, + {name: "simple ipv6 in brackets", url: "http://[::1]/path", host: "[::1]"}, + {name: "ipv6 with port", url: "http://[::1]:8080/path", host: "[::1]"}, {name: "simple with port", url: "http://host:8080/path", host: "host"}, {name: "fqdn with port", url: "http://sub.host.com:8080/path", host: "sub.host.com"}, {name: "idna simple", url: "http://aaa😀😀😀:8080/path", host: "xn--aaa-th33baa"}, From fab215dc69e4f801258c68d7cffa42c3909648d2 Mon Sep 17 00:00:00 2001 From: Simon Mittag Date: Sun, 3 Dec 2023 08:50:19 +1100 Subject: [PATCH 4/4] fixed naive impl, added more tests --- proxy.go | 29 ++++++++++++----------------- proxy_test.go | 8 ++++++++ 2 files changed, 20 insertions(+), 17 deletions(-) diff --git a/proxy.go b/proxy.go index 28f1663..183bf66 100644 --- a/proxy.go +++ b/proxy.go @@ -529,26 +529,21 @@ func isIPv6(address string) bool { ip := net.ParseIP(address) return ip != nil && ip.To4() == nil } + func parseHost(request *http.Request) string { - //ignore conversion errors - if isIPv6(request.Host) { - return request.Host - } - al := strings.Split(request.Host, colon) - fmt.Println("Number of colons", len(al)) - if len(al) == 9 { - host := strings.Join(al[:8], ":") - fmt.Println("Host - ", host) - if isIPv6(host) { - return host - } - return request.Host + host := request.Host + hostElements := strings.Split(host, ":") + //trim port for ipv4 + if len(hostElements) == 2 { + host = hostElements[0] } - if len(al) > 2 { - return request.Host + + //trim port for ipv6 + if strings.Contains(host, "]") { + host = host[:strings.LastIndex(host, "]")+1] } - al2, _ := idna.ToASCII(al[0]) - return al2 + host, _ = idna.ToASCII(host) + return host } func parseMethod(request *http.Request) string { diff --git a/proxy_test.go b/proxy_test.go index 26cb67d..9f621a8 100644 --- a/proxy_test.go +++ b/proxy_test.go @@ -475,7 +475,15 @@ func TestParseHost(t *testing.T) { {name: "ipv4 with port", url: "http://127.0.0.1:8080/path", host: "127.0.0.1"}, {name: "simple ipv6", url: "http://::1/path", host: "::1"}, {name: "simple ipv6 in brackets", url: "http://[::1]/path", host: "[::1]"}, + {name: "simple ipv6 in brackets", url: "http://[::]/path", host: "[::]"}, + {name: "simple ipv6 in brackets", url: "http://[2001:db8::]/path", host: "[2001:db8::]"}, + {name: "simple ipv6 in brackets", url: "http://[::1234:5678]/path", host: "[::1234:5678]"}, + {name: "simple ipv6 in brackets", url: "http://[2001:db8::1234:5678]/path", host: "[2001:db8::1234:5678]"}, + {name: "full ipv6 in brackets", url: "http://[2001:db8:3333:4444:5555:6666:7777:8888]/path", host: "[2001:db8:3333:4444:5555:6666:7777:8888]"}, {name: "ipv6 with port", url: "http://[::1]:8080/path", host: "[::1]"}, + {name: "ipv6 with port", url: "http://[::1234:5678]:8080/path", host: "[::1234:5678]"}, + {name: "ipv6 with port", url: "http://[2001:db8::1234:5678]:8080/path", host: "[2001:db8::1234:5678]"}, + {name: "ipv6 with port", url: "http://[2001:db8:3333:4444:5555:6666:7777:8888]:8080/path", host: "[2001:db8:3333:4444:5555:6666:7777:8888]"}, {name: "simple with port", url: "http://host:8080/path", host: "host"}, {name: "fqdn with port", url: "http://sub.host.com:8080/path", host: "sub.host.com"}, {name: "idna simple", url: "http://aaa😀😀😀:8080/path", host: "xn--aaa-th33baa"},